Smart cards use personal identification numbers (PINs) rather than passwords. The smart card is protected from misuse by the PIN, which is known only to the smart card's owner. To use the smart card, you insert the card in a smart card reader that is attached to a computer and, when prompted, type the PIN. The smart card can be used only by someone who possesses the smart card and knows the PIN.
For computer use, a CAC, PIV or X.509 certificate-based smart card should remain in the reader for the duration of the session. When the smart card is removed from the reader, the credentials are unavailable in the existing login session to any applications that require re-authentication.
Caution - Log out during periods of inactivity. An authenticated smart card is a secure trusted link into the server. To prevent a possible attack from your local system, you must log out or remove your smart card or CAC when not actively working.
The following tasks describe how to use the various entry points to a system to log in to Oracle Solaris with a smart card.